25f0d1d728abc992d5539d89bc85dc68

Sharing

Copy URL

Twitter E-mail

General

Target

25f0d1d728abc992d5539d89bc85dc68
Size

873KB
MD5

25f0d1d728abc992d5539d89bc85dc68
SHA1

0a2cee6ebfb38c2cb1f9483371486ff7a6827018
SHA256

a557ac5ce3c3ce810a82e9e9271ea542a62a353ea46ca8ffb101f36aec3c698c
SHA512

8977bbb0f4132bc68b98e5dc439e3b7f0811a6903dceaae644aa5641b64e53b6dcd26b229d2546e93bf09388b4cd4d87d1d6016b8ee3fea87e18b76d4498ac05
SSDEEP

12288:7KyX433Gw62nQWMU7SYNflHZ1bvTwufBJUel6L9:OW43Ww62nQWMU7SYNr1bvTfoeYh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25f0d1d728abc992d5539d89bc85dc68

Files

25f0d1d728abc992d5539d89bc85dc68
.exe windows:4 windows x86 arch:x86

338560201c966036fc411b285704d3c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

libgwenhywfar-47

GWEN_Logger_GetLevel
GWEN_Logger_Log

kernel32

DeleteCriticalSection
EnterCriticalSection
ExitProcess
FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__getmainargs
__lc_codepage
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_cexit
_errno
_iob
_onexit
_setmode
_winmajor
abort
atexit
calloc
fputc
free
fwrite
getenv
localeconv
malloc
memcpy
signal
strlen
vfprintf
wcslen

libgcc_s_dw2-1

_Unwind_Resume
__deregister_frame_info
__register_frame_info
__udivdi3
__umoddi3

libstdc++-6

_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVN10__cxxabiv121__vmi_class_type_infoE
_ZdlPv
_Znwj
__gxx_personality_v0

qt3support4

_ZN12Q3MainWindow10childEventEP11QChildEvent
_ZN12Q3MainWindow10paintEventEP11QPaintEvent
_ZN12Q3MainWindow10setMenuBarEP8QMenuBar
_ZN12Q3MainWindow10setVisibleEb
_ZN12Q3MainWindow11dockingAreaERK6QPoint
_ZN12Q3MainWindow11eventFilterEP7QObjectP6QEvent
_ZN12Q3MainWindow11qt_metacallEN11QMetaObject4CallEiPPv
_ZN12Q3MainWindow11qt_metacastEPKc
_ZN12Q3MainWindow11setUpLayoutEv
_ZN12Q3MainWindow12setStatusBarEP10QStatusBar
_ZN12Q3MainWindow12showDockMenuERK6QPoint
_ZN12Q3MainWindow13addDockWindowEP12Q3DockWindowN2Qt4DockEb
_ZN12Q3MainWindow13addDockWindowEP12Q3DockWindowRK7QStringN2Qt4DockEb
_ZN12Q3MainWindow14moveDockWindowEP12Q3DockWindowN2Qt4DockE
_ZN12Q3MainWindow14moveDockWindowEP12Q3DockWindowN2Qt4DockEbii
_ZN12Q3MainWindow14setAppropriateEP12Q3DockWindowb
_ZN12Q3MainWindow14setDockEnabledEN2Qt4DockEb
_ZN12Q3MainWindow14setDockEnabledEP12Q3DockWindowN2Qt4DockEb
_ZN12Q3MainWindow15setOpaqueMovingEb
_ZN12Q3MainWindow16removeDockWindowEP12Q3DockWindow
_ZN12Q3MainWindow16setCentralWidgetEP7QWidget
_ZN12Q3MainWindow16setUsesTextLabelEb
_ZN12Q3MainWindow16staticMetaObjectE
_ZN12Q3MainWindow17setUsesBigPixmapsEb
_ZN12Q3MainWindow18setDockMenuEnabledEb
_ZN12Q3MainWindow21setDockWindowsMovableEb
_ZN12Q3MainWindow21setRightJustificationEb
_ZN12Q3MainWindow5eventEP6QEvent
_ZN12Q3MainWindow9customizeEv
_ZN12Q3MainWindow9whatsThisEv
_ZN12Q3MainWindowC2EP7QWidgetPKc6QFlagsIN2Qt10WindowTypeEE
_ZN12Q3MainWindowD2Ev
_ZN13Q3TextBrowserC1EP7QWidgetPKc
_ZN16Q3SimpleRichText8setWidthEP8QPainteri
_ZN16Q3SimpleRichTextC1ERK7QStringRK5QFontS2_PK12Q3StyleSheetPK19Q3MimeSourceFactoryiRK6QColorb
_ZN16Q3SimpleRichTextD1Ev
_ZN9Q3ToolBar12addSeparatorEv
_ZN9Q3ToolBarC1EP12Q3MainWindowPKc
_ZNK10Q3TextEdit10styleSheetEv
_ZNK10Q3TextEdit13documentTitleEv
_ZNK10Q3TextEdit17mimeSourceFactoryEv
_ZNK10Q3TextEdit4textEv
_ZNK10Q3TextEdit7contextEv
_ZNK12Q3MainWindow14isCustomizableEv
_ZNK12Q3MainWindow15minimumSizeHintEv
_ZNK12Q3MainWindow20createDockWindowMenuENS_11DockWindowsE
_ZNK12Q3MainWindow8sizeHintEv
_ZNK12Q3MainWindow9statusBarEv
_ZNK13Q3TextBrowser6sourceEv
_ZNK16Q3SimpleRichText4drawEP8QPainteriiRK5QRectRK11QColorGroupPK6QBrush
_ZNK16Q3SimpleRichText6heightEv
_ZTV11Q3PopupMenu

qtgui4

_ZN10QBoxLayout10setSpacingEi
_ZN10QBoxLayout9addWidgetEP7QWidgeti6QFlagsIN2Qt13AlignmentFlagEE
_ZN11QMessageBox5aboutEP7QWidgetRK7QStringS4_
_ZN11QMessageBox7aboutQtEP7QWidgetRK7QString
_ZN11QMessageBox8criticalEP7QWidgetRK7QStringS4_S4_S4_S4_ii
_ZN11QToolButtonC1ERK5QIconRK7QStringS5_P7QObjectPKcP7QWidgetS9_
_ZN11QVBoxLayoutC1EP7QWidget
_ZN12QApplication13setMainWidgetEP7QWidget
_ZN12QApplication4execEv
_ZN12QApplicationC1ERiPPci
_ZN12QApplicationD1Ev
_ZN12QFontMetricsD1Ev
_ZN12QKeySequenceC1Eiiii
_ZN12QKeySequenceD1Ev
_ZN5QFontC1Ev
_ZN5QFontD1Ev
_ZN5QIconC1ERK7QPixmap
_ZN5QIconD1Ev
_ZN5QMenu15insertSeparatorEi
_ZN5QMenu9insertAnyEPK5QIconPK7QStringPK7QObjectPKcPK12QKeySequencePKS_ii
_ZN5QMenuC2EP7QWidget
_ZN6QColorC1EN2Qt11GlobalColorE
_ZN6QFrame13setFrameStyleEi
_ZN7QAction10setEnabledEb
_ZN7QLayout18setContentsMarginsEiiii
_ZN7QLayout9setMarginEi
_ZN7QPixmapC1EPKPKc
_ZN7QPixmapC1ERK7QStringPKc6QFlagsIN2Qt19ImageConversionFlagEE
_ZN7QPixmapD1Ev
_ZN7QWidget10closeEventEP11QCloseEvent
_ZN7QWidget10enterEventEP6QEvent
_ZN7QWidget10fontChangeERK5QFont
_ZN7QWidget10leaveEventEP6QEvent
_ZN7QWidget10setEnabledEb
_ZN7QWidget10wheelEventEP11QWheelEvent
_ZN7QWidget11actionEventEP12QActionEvent
_ZN7QWidget11changeEventEP6QEvent
_ZN7QWidget11resizeEventEP12QResizeEvent
_ZN7QWidget11styleChangeER6QStyle
_ZN7QWidget11tabletEventEP12QTabletEvent
_ZN7QWidget12focusInEventEP11QFocusEvent
_ZN7QWidget13dragMoveEventEP14QDragMoveEvent
_ZN7QWidget13enabledChangeEb
_ZN7QWidget13focusOutEventEP11QFocusEvent
_ZN7QWidget13keyPressEventEP9QKeyEvent
_ZN7QWidget13paletteChangeERK8QPalette
_ZN7QWidget14dragEnterEventEP15QDragEnterEvent
_ZN7QWidget14dragLeaveEventEP15QDragLeaveEvent
_ZN7QWidget14mouseMoveEventEP11QMouseEvent
_ZN7QWidget14setWindowTitleERK7QString
_ZN7QWidget15keyReleaseEventEP9QKeyEvent
_ZN7QWidget15mousePressEventEP11QMouseEvent
_ZN7QWidget16contextMenuEventEP17QContextMenuEvent
_ZN7QWidget16inputMethodEventEP17QInputMethodEvent
_ZN7QWidget16staticMetaObjectE
_ZN7QWidget17mouseReleaseEventEP11QMouseEvent
_ZN7QWidget18focusNextPrevChildEb
_ZN7QWidget21mouseDoubleClickEventEP11QMouseEvent
_ZN7QWidget22windowActivationChangeEb
_ZN7QWidget6resizeERK5QSize
_ZN7QWidget8setFocusEN2Qt11FocusReasonE
_ZN7QWidget8winEventEP6tagMSGPl
_ZN7QWidget9dropEventEP10QDropEvent
_ZN7QWidget9hideEventEP10QHideEvent
_ZN7QWidget9moveEventEP10QMoveEvent
_ZN7QWidget9showEventEP10QShowEvent
_ZN7QWidgetC1EPS_6QFlagsIN2Qt10WindowTypeEE
_ZN8QMenuBar15insertSeparatorEi
_ZN8QMenuBar9insertAnyEPK5QIconPK7QStringPK7QObjectPKcPK12QKeySequencePK5QMenuii
_ZN8QMenuBarC1EP7QWidget
_ZN8QPainter8drawTextERK7QPointFRK7QString
_ZN8QPainter9translateERK7QPointF
_ZN8QPainterC1EP12QPaintDevice
_ZN8QPainterD1Ev
_ZN8QPaletteC2ERKS_
_ZN8QPaletteD2Ev
_ZN8QPrinter11setFullPageEb
_ZN8QPrinter5setupEP7QWidget
_ZN8QPrinter7newPageEv
_ZN8QPrinterC1ENS_11PrinterModeE
_ZN8QPrinterD1Ev
_ZNK12QFontMetrics5widthERK7QStringi
_ZNK12QFontMetrics6ascentEv
_ZNK7QWidget11paintEngineEv
_ZNK7QWidget14heightForWidthEi
_ZNK7QWidget16inputMethodQueryEN2Qt16InputMethodQueryE
_ZNK7QWidget5getDCEv
_ZNK7QWidget6metricEN12QPaintDevice17PaintDeviceMetricE
_ZNK7QWidget7devTypeEv
_ZNK7QWidget7paletteEv
_ZNK7QWidget9releaseDCEP5HDC__
_ZNK8QMenuBar15findActionForIdEi
_ZNK8QPainter11fontMetricsEv
_ZNK8QPainter6deviceEv
_ZNK8QPainter8isActiveEv
_ZThn8_NK7QWidget11paintEngineEv
_ZThn8_NK7QWidget5getDCEv
_ZThn8_NK7QWidget6metricEN12QPaintDevice17PaintDeviceMetricE
_ZThn8_NK7QWidget7devTypeEv
_ZThn8_NK7QWidget9releaseDCEP5HDC__

qtcore4

_Z13qFlagLocationPKc
_Z5qFreePv
_Z9qt_assertPKcS0_i
_ZN10QTextCodec6localeEv
_ZN11QMetaObject18connectSlotsByNameEP7QObject
_ZN11QTranslator4loadERK7QStringS2_S2_S2_
_ZN11QTranslatorC1EP7QObject
_ZN11QTranslatorD1Ev
_ZN16QCoreApplication17installTranslatorEP11QTranslator
_ZN16QCoreApplication4argcEv
_ZN16QCoreApplication4argvEv
_ZN16QCoreApplication9translateEPKcS1_S1_NS_8EncodingE
_ZN5QCharC1Ec
_ZN7QObject10timerEventEP11QTimerEvent
_ZN7QObject11customEventEP6QEvent
_ZN7QObject13connectNotifyEPKc
_ZN7QObject13setObjectNameERK7QString
_ZN7QObject16disconnectNotifyEPKc
_ZN7QObject7connectEPKS_PKcS1_S3_N2Qt14ConnectionTypeE
_ZN7QString11shared_nullE
_ZN7QString16fromAscii_helperEPKci
_ZN7QString4freeEPNS_4DataE
_ZN7QString6appendERKS_
_ZN7QString6numberEii
_ZN7QString8fromUtf8EPKci
_ZN7QString9fromAsciiEPKci
_ZN7QStringaSERKS_
_ZN8QMapData11shared_nullE
_ZN8QMapData16continueFreeDataEi
_ZN9QListData11shared_nullE
_ZN9QListData6appendEv
_ZN9QListData7detach2Ev
_ZNK11QMetaObject2trEPKcS1_
_ZNK7QObject10objectNameEv
_ZNK7QString3argERKS_iRK5QChar
_ZNK7QString4leftEi
_ZNK7QString7indexOfE5QChariN2Qt15CaseSensitivityE

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/14
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/61
Size: 655KB - Virtual size: 654KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/73
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/87
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/99
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/112
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/123
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/134
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

338560201c966036fc411b285704d3c1

Headers

File Characteristics

Imports

libgwenhywfar-47

kernel32

msvcrt

libgcc_s_dw2-1

libstdc++-6

qt3support4

qtgui4

qtcore4

Sections

.text Size: 42KB - Virtual size: 42KB

.data Size: 512B - Virtual size: 56B

.rdata Size: 6KB - Virtual size: 6KB

/4 Size: 2KB - Virtual size: 1KB

.bss Size: - Virtual size: 2KB

.idata Size: 12KB - Virtual size: 11KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

/14 Size: 512B - Virtual size: 176B

/29 Size: 2KB - Virtual size: 2KB

/45 Size: 5KB - Virtual size: 4KB

/61 Size: 655KB - Virtual size: 654KB

/73 Size: 8KB - Virtual size: 8KB

/87 Size: 13KB - Virtual size: 13KB

/99 Size: 2KB - Virtual size: 1KB

/112 Size: 12KB - Virtual size: 12KB

/123 Size: 38KB - Virtual size: 38KB

/134 Size: 3KB - Virtual size: 3KB

.text
Size: 42KB - Virtual size: 42KB

.data
Size: 512B - Virtual size: 56B

.rdata
Size: 6KB - Virtual size: 6KB

/4
Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 2KB

.idata
Size: 12KB - Virtual size: 11KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

/14
Size: 512B - Virtual size: 176B

/29
Size: 2KB - Virtual size: 2KB

/45
Size: 5KB - Virtual size: 4KB

/61
Size: 655KB - Virtual size: 654KB

/73
Size: 8KB - Virtual size: 8KB

/87
Size: 13KB - Virtual size: 13KB

/99
Size: 2KB - Virtual size: 1KB

/112
Size: 12KB - Virtual size: 12KB

/123
Size: 38KB - Virtual size: 38KB

/134
Size: 3KB - Virtual size: 3KB